package org.catspaw.cherubim.security.shiro;

import java.util.Collection;

import org.apache.shiro.SecurityUtils;
import org.catspaw.cherubim.security.Principal;
import org.catspaw.cherubim.security.SecurityMaster;
import org.catspaw.cherubim.security.rbac.persistence.RbacRepository;

public class ShiroSecurityMaster implements SecurityMaster {

	private RbacRepository	repository;

	public Principal getCurrentPrincipal() {
		return (Principal) SecurityUtils.getSubject().getPrincipal();
	}

	public boolean isPermitted(String resource, String operation) {
		String resourceCode = repository.findResourceCodesByResourceString(resource);
		String permission = resourceCode + ":" + operation;
		return isPermitted(permission);
	}

	public boolean isPermitted(String permission) {
		return SecurityUtils.getSubject().isPermitted(permission);
	}

	public boolean isPermittedAll(Collection<String> permissions) {
		return SecurityUtils.getSubject().isPermittedAll(permissions.toArray(new String[permissions.size()]));
	}

	public RbacRepository getRbacRepository() {
		return repository;
	}

	public void setRbacRepository(RbacRepository repository) {
		this.repository = repository;
	}
}
